Shared Networks to Support VNF
High Availability Across OpenStack
Multi Region Deployment
Speakers
Chaoyi Huang
OpenStack Tricircle PTL:
https://wiki.openstack.org/wiki/Tricircle
OPNFV Multisite PTL:
https://wiki.opnfv.org/display/multisite/
Multisite
Valentin Boucher
OPNFV Functest committer:
https://wiki.opnfv.org/display/functest
OPNFV Multisite committer:
https://wiki.opnfv.org/display/multisite
Vikram Dham
OPNFV OVN4NFV PTL:
https://wiki.opnfv.org/display/PROJ/Ov
n4nfv
OPNFV Multisite Committer:
https://wiki.opnfv.org/display/multisite/
Multisite
Agenda
Lab introduction
Video Conference in multisite
vIMS in multisite
How Tricricle help the networking
Lab introduction
Laptop Laptop
BeiJing
LangFang
DongGuang
Huawei Cloud Open Lab
Lab introduction ( Chaoyi )
LangFang
BeiJing
HOST5
HOST1
Host3
OpenStack
RegionOne
OpenStack
RegionThree
OpenStack
RegionTwo
JITSI
vIMS
vIMS
JITSI
JITSI TricirclevIMS
Mixed release environment
Tricricle + Neutron Server: Pike release
Three OpenStack clouds: Newton release
Multiparty Video Conference VNF
Multiparty Video Conference architecture
Jitsi Demo - Architecture
Why TriCircle for Jitsi?
Secure logical L2 private network between Jitsi Controller and Jitsi Video Bridges
Multisite Jitsi Deployment using TriCircle
vIMS - Software Architecture
MetaSwitch Clearwater
IMS architecture before
May 2017
vIMS - Demo Architecture
vIMS - Network Architecture+-----------------------+ +-----------------------+ +----------------------+
| ext-net1 | | ext-net2 | | ext-net3 |
| +-------+ | | +-------+ | | +--+---+ |
|RegionOne | | |RegionTwo | | | RegionThree | |
| +---+---+ | | +---+---+ | | +----+--+ |
| | R1 | | | | R2 | | | | R3 | |
| +--+----+ | | +--+----+ | | +--+----+ |
| | net1 | | | net2 | | net3 | |
| +---+--+---+-+ | | +---+--+---+-+ | | ++-----+--+---+ |
| | | | | | | | | | | |
| +---------+-+ | | | +---------+-+ | | | | +--+--------+ |
| |vIMS(non-HA| | | | | vIMS(HA) | | | | | | vIMS(HA) | |
| +-----------+ | | | +-----------+ | | | | +-----------+ |
| +----+--+ | | +----+--+ | | +-+-----+ |
| | R4(1) | | | | R4(2) | | | | R4(3) | |
| +-----+-+ | | +---+---+ | | +----+--+ |
| | | | | | | | |
+-----------------------+ +-----------------------+ +----------------------+
| bridge-net | |
+------------------------+------------------+
vIMS - Limitation & Evolution
Limitation :
VNF support only 2 sites for the moment
No HA for MANO component in the demo (but cloudify 4.0 support HA)
Possible next steps :
Support multisite into Functest/cloudify_ims test-case
Support multisite/tricircle in ONAP
How Tricricle help the networking
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
Create cross Neutron logical network
topology through central Neutron1
How Tricricle help the networking
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
Create cross Neutron logical network
topology through central Neutron1
Boot VM
in Nova2
Boot VM
in Nova2
How Tricricle help the networking
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
Boot VM
in Nova2
Boot VM
in Nova2
33 Attach network Attach network
How Tricricle help the networking
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
Trigger networking
automationTrigger networking
automation4 4
How Tricricle help the networking
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
Create cross Neutron logical network
topology through central Neutron1
Cross Neutron
networking automation
Cross Neutron
networking automation
XJOB
● Long duration networking automation job will be done by XJOB asynchronously
● Different SDN controller could be integrated as Neutron backend as ML2 driver or core plugin
55
L2 networking -
Shadow Port, Shadow Agent, ARP Proxy
Port1
Host1
Shadow
Port2
Shadow
Host2
Port2
Shadow
Port1
Shadow
Host1Host2
Port1’s VTEP
Port2’s VTEP
Port2’s VTEP
Port1’s VTEP
Shadow Port: a virtual object to represent a port in another cloud
Shadow Agent: a virtual object to represent VTEP of the shadow port, L2GW mode supported too.
ARP Proxy: configure L2 Population and ARP responder to enable APR proxy in compute node to
reduce MAC learning
Cross Neutron L2 Network: VxLAN, VLAN, Flat supported.
How Shadow Agent, Shadow Port go to another cloud
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
1.Port update, port1(host1)
How Shadow Agent, Shadow Port go to another cloud
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
2.Port update, port1(host1, VTEP)
How Shadow Agent, Shadow Port go to another cloud
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
XJOB
3.save shadow agent
4. Trigger async. job to setup
shadow port/agent
How Shadow Agent, Shadow Port go to another cloud
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
XJOB
OpenStack(Region Three)
5. Create shadow port
with VTEP info in profile
How Shadow Agent, Shadow Port go to another cloud
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
XJOB
OpenStack(Region Three)
6. Create shadow
agent/ port
How Shadow Agent, Shadow Port go to another cloud
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
XJOB
OpenStack(Region Three)
7. update shadow port to
up state
How Shadow Agent, Shadow Port go to another cloud
Neutron Server
Tricircle
Nova Cinder Neutron Server
OpenStack(Region One)
Cinder Nova
OpenStack(Region Two)
Tricircle Central
Neutron Plugin
Tricircle Local
Neutron PluginReal Core Plugin
Neutron Server
Tricircle Local
Neutron PluginReal Core Plugin
XJOB
OpenStack(Region Three)
8. Call real core plugin
for shadow port up. If
L2-population is
configured, L2pop
happened.
SDN Controller can be supported if it’s configured to the real core plugin
L3 networking -
Shadow Port, Shadow Agent, ARP Proxy
R R
Shadow Port2
Gateway Port1Gateway Port2
Shadow Port1
Bridge Network: a network used to connect routers in different cloud.
VxLAN, VLAN, Flat supported
Bridge Network
R R
Site to site VPN or dedicated line for securityTenant1
Tenant
2
Tenant level isolated
L2/L3 networking
Security and Isolation between clouds
Tricricle: networking elements
Local network
A network will only reside
in one OpenStack
cloud.
Network type could be
VLAN, VxLAN, Flat
Local router
A router will only reside in
one OpenStack cloud
Net1 Net2
R1 R2
Region One Region Two
● neutron net-create --availability-zone-hint RegionOne Net1
● neutron net-create --availability-zone-hint RegionTwo Net2
● neutron router-create --availability-zone-hint RegionOne R1
● neutron router-create --availability-zone-hint RegionTwo R2
Neutron Server
Tricircle Central
Neutron Plugin
Tricricle: networking elements
R3 R3
Region One Region Two
● neutron net-create --availability-zone-hint RegionOne --
availability-zone-hint RegionTwo Net3
● neutron router-create --availability-zone-hint RegionOne --
availability-zone-hint RegionTwo R3 Neutron Server
Tricircle Central
Neutron Plugin
Net3
Bridge-Net
R3
Cross Neutron L2 network
A network can be presented in more
than one OpenStack cloud.
Network type could be VLAN,
VxLAN, Flat
Non local router
A router can be presented in more
than one OpenStack cloud
Inter-connected via bridge network,
could be VLAN, VxLAN or Flat.
Tricricle: typical networking topology
+-----------------+ +-----------------+
|RegionOne | |RegionTwo |
| | | |
| phy_net1 | | phy_net2 |
| +--+---------+ | | +--+---------+ |
| | | | | |
| | | | | |
| +--+--------+ | | +--+--------+ |
| | | | | | | |
| | Instance1 | | | | Instance2 | |
| +------+----+ | | +------+----+ |
| | | | | |
| | net1 | | |
| +------+--------------------+---+ |
| | | |
+-----------------+ +-----------------+
+-----------------+ +-----------------+
| RegionOne | | RegionTwo |
| ext_net1 | | ext_net2 |
| +-----+-----+ | | +-----+-----+ |
| | | | | |
| +--+--+ | | +--+--+ |
| | R1 | | | | R2 | |
| +--+--+ | | +--+--+ |
| | | | | |
| +---+-+-+ | | +---+-+-+ |
| net1 | | | net2 | |
| +--------+--+ | | +--------+--+ |
| | Instance1 | | | | Instance2 | |
| +-----------+ | | +-----------+ |
| | | net3 | |
| +------+---------------------+----+ |
| | | |
+-----------------+ +-----------------+
Multiple North-South Gateways
Instances plugged into cross Neutron L2 network
Direct Provider Networks
Instances plugged into cross Neutron L2 network
Cross Neutron L2 network Cross Neutron L2 network
Tricricle: typical networking topology
Centralized North-South Traffic with East-
West L3 networking enabled
Non local router
Multi- North-South Gateways with East-
West L3 networking enabled
Non local router
Tricircle - downtime risk?
If Tricircle and the central Neutron server are
down, the existing networking and applications
can still work, each OpenStack Neutron still run,
only new network topology provisioning and
topology change will be affected.
Document: https://docs.openstack.org/developer/tricircle/
Code navigate: https://wiki.openstack.org/wiki/TricircleHowToReadCode
Wiki: https://wiki.openstack.org/wiki/Tricircle
Code base: https://github.com/openstack/tricircle/
Learn, use and contribute
Thank You